Now it's Ethiopia spying on Americans' computers

Maryland resident accuses foreign state of electronic stalking with spyware

A lawsuit has been filed on behalf of a Maryland resident who claims the government of his native Ethiopia spied on him with an electronic program that was created – and is sold to governments – for the purpose of observing the life people have on their computers – unnoticed.

Amid all the reports of spying on Americans by the U.S. government, through the National Security Agency, FBI and others, the complaint filed by the Electronic Frontier Foundation on behalf of a man identified only by the pseudonym of Mr. Kidane takes allegations to a whole new level.

The complaint filed in the U.S. District Court in Washington alleges the Ethiopian government infected his computer so that it could wiretap his private Skype calls and monitor his family’s every use of the computer for months on end.

“We have clear evidence of a foreign government secretly infiltrating an American’s computer in America, listening to his calls, and obtaining access to a wide swath of his private life,” said EFF Staff Attorney Nate Cardozo.

“The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. Here, it wiretapped a United States citizen on United States soil in an apparent attempt to obtain information about members of the Ethiopian diaspora who have been critical of their former government. U.S. laws protect Americans from this type of unauthorized electronic spying, regardless of who is responsible.”

The EFF said a forensic examination of the computer revealed the spyware, which is made and sold to governments by the Gamma Group of Companies, was installed when Kidane opened a Microsoft Word document.

There was an attachment with a program called FinSpy, and that program over months recorded his activities on the computer. It was discovered because the spyware left traces of the files it copied and surreptitiously sent to a secret control server located in Ethiopia and controlled by that government, the claim alleges.

“The problem of governments violating the privacy of their political opponents through digital surveillance is not isolated – it’s already big and growing bigger,” Cindy Cohn, the EFF legal director, said. “Yet despite the international intrigue and genuine danger involved in his lawsuit, at bottom it’s a straightforward case. An American citizen was wiretapped at his home in Maryland, and he’s asking for his day in court under longstanding American laws.”

Officials with the EFF said the attack apparently is part of a systematic program by the Ethiopian government to spy on perceived political opponents in the Ethiopian diaspora around the world.

They said human rights agencies and news outlets elsewhere have made related claims.

And they said Ethiopia is not alone. They said CitizenLab, a team of University of Toronto researchers, has discovered evidence that governments around the world are using FinSpy and other technologies to spy on human rights and democracy advocates.

EFF reports, “Essentially, the malware took over our client’s computer and secretly sent copies of his activities, including Skype calls, web searches and indications of websites visited [and] other activity, to the Ethiopian government.”

“This case is important because it demonstrates that state-sponsored malware infections and can indeed are occurring in the U.S. against U.S. citizens. It seeks to demonstrate that warrantless wiretapping is illegal and can be the basis of a lawsuit in the United States, regardless of who engages in it,” EFF said.

The complaint explains FinSpy can record Internet telephone calls, text messages, and file transfers transmitted through Skype, record every keystroke on the computer, and take a picture of the contents displayed on a computer’s screen. It can even covertly record audio from a computer’s microphone even when no Skype calls are taking place.

The complaint said the Internet Protocol to which the spyware sent data was inside Ethiopia, and was under control of the state-owned Ethio Telecom communications company.